Embodiments of the present invention relate to network traffic and, more specifically, to enforcing a centralized, cryptographic network policy for various traffic at a host.
For an Internet Protocol (IP)-based application, such as a web-based application, network security can be built into the application itself or into the Transmission Control Protocol/Internet Protocol (TCP/IP) stack used by the application. For example, application-based security protocols include Transport Layer Security (TLS) and Secure Shell (SSH). An example of a TCP/IP stack security protocol is Internet Protocol Security (IPsec).
In a system running multiple applications, more than one of these network security protocols can be in use by the running applications at a given time. In some cases, more than one network security protocol can even be applied to a single TCP/IP connection.